package com.hp.activiti.security.config;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import org.hibernate.Hibernate;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.stereotype.Service;

import com.hp.activiti.model.MenuInfo;
import com.hp.activiti.repository.MenuRepository;

@Service
public class MyFilterInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {

	private static Map<String, Collection<ConfigAttribute>> resourceMap = new HashMap<String, Collection<ConfigAttribute>>();

	@Autowired
    private MenuRepository menuRepository;

    private RequestMatcher pathMatcher;

    @Autowired
    public void FilterSourceMetadataSource(MenuRepository repository) {
        this.menuRepository = repository;
        loadResourcePermission();
    }

    /**
     * 返回所请求资源所需要的权限
     * 针对资源的URL
     * @param o
     * @return
     * @throws IllegalArgumentException
     */
    @Override
    public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
    	
        Iterator<String> resourceUrls = resourceMap.keySet().iterator();
        while (resourceUrls.hasNext()) {
            String resUrl = resourceUrls.next();
            if(null == resUrl || resUrl.isEmpty()) {
                continue;
            }
            pathMatcher = new AntPathRequestMatcher(resUrl);
            if (pathMatcher.matches(((FilterInvocation) o).getRequest())) {
                Collection<ConfigAttribute> configAttributes = resourceMap.get(resUrl);
                return configAttributes;
            }
        }
        return null;
    }

    /**
     * 获取所有配置权限
     * @return
     */
    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        Collection<Collection<ConfigAttribute>> cacs = resourceMap.values();
        Collection<ConfigAttribute> cac = new HashSet<ConfigAttribute>();
        for (Collection<ConfigAttribute> c: cacs) {
            cac.addAll(c);
        }
        return cac;
    }

    @Override
    public boolean supports(Class<?> aClass) {
        return true;
    }

    /**
     * 加载资源的权限
     */
    private void loadResourcePermission() {
        loadMenuPermisson();
    }

    /**
     * 加载菜单的权限
     */
    private void loadMenuPermisson() {
        List<MenuInfo> menus = menuRepository.findAll();
        for (MenuInfo menu: menus) {
            List<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>();
            Hibernate.initialize(menu);
            ConfigAttribute configAttribute = new SecurityConfig(menu.getMenuCode());
            configAttributes.add(configAttribute);
            if(null != resourceMap.get(menu.getMenuUrl())) {
                resourceMap.get(menu.getMenuUrl()).addAll(configAttributes);
            } else {
                resourceMap.put(menu.getMenuUrl(), configAttributes);
            }
        }
    }
}
